<?php
/*
    BlogEffects 0.1b2
    http://blogeffects.net/
    Copyright (C) 2007 Chad Ohman (chad@chadohman.com) All rights reserved.

    BlogEffects is distributed WITHOUT WARRANTY WHATSOEVER.

    Last developer edit: December 16, 2007 2:16p
*/
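/*
    Admin panel front controller: enforces the login gate, processes the
    login/logout requests, then renders the section selected by the query
    string (?home, ?post, ?moderation, ?extensions, ?api, ?administration).

    NOTE(review): none of the state-changing requests (new/edit/delete post,
    logout) carry an anti-CSRF token, and delete and logout are triggered by
    plain GET links. The helpers needed to add a per-session token are not
    visible in this file, so this is flagged rather than changed here.
*/
require("include/functions.php");
require_once("../include/config.php");
configure();
$options = fetch_blog_settings();

// Evaluate the login cookie once, before any output is sent, and reuse the
// result for every access decision below so they cannot disagree.
$logged_in = check_login_cookie();
// Always defined so the login section never echoes an unset variable.
$message = '';

// Anonymous visitors may only reach the login form.
if (!$logged_in && !isset($_GET['login'])) {
	header("Location: ../admin/?login");
	exit; // a Location header alone does not stop the script
}

// No recognised section in the query string: fall back to the dashboard.
if (!isset($_GET['home']) && !isset($_GET['post']) && !isset($_GET['moderation']) && !isset($_GET['extensions']) && !isset($_GET['api']) && !isset($_GET['administration']) && !isset($_GET['login']) && !isset($_GET['logout'])) {
	header("Location: ?home");
	exit;
}

if (isset($_GET['login'])) {
	if (isset($_POST['submit'])) {
		// NOTE(review): $config is not defined in this file; presumably it is
		// populated by ../include/config.php or configure() -- confirm.
		// NOTE(review): the password is checked against a plaintext config
		// value; storing a salted hash instead would limit the damage if the
		// config file is ever disclosed.
		$supplied = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';
		$expected = (string) $config['pass'];
		// Strict string comparison: the loose == operator treats numeric-looking
		// strings as numbers, so two different passwords could compare equal.
		// hash_equals() additionally runs in constant time where the runtime has it.
		if (function_exists('hash_equals')) {
			$password_ok = hash_equals($expected, $supplied);
		} else {
			$password_ok = ($expected === $supplied);
		}
		if ($password_ok) {
			set_login_cookie();
			header("Location: ../admin/");
			exit;
		} else {
			$message = 'Incorrect password.';
		}
	} else {
		$message = '<form action="?login" method="POST">Password: <input type="password" name="pass" id="pass"><input type="submit" name="submit" value="Login"></form>';
	}
} elseif (isset($_GET['logout'])) {
	destroy_login_cookie();
	header("Location: ../");
	exit;
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
	"http://www.w3.org/TR/html4/loose.dtd">
<html>
	<head>
		<?php /* Escaped for HTML; the charset argument is left at the runtime default because the page declares none. */ ?>
		<title><?php echo htmlspecialchars($options['blog_title'], ENT_QUOTES); ?> - Administration Panel</title>
		<link rel="stylesheet" href="template/style.css" type="text/css" media="screen">
	</head>
	<body>
		<div id="wrapper">
			<div id="header">
				<div id="log"><a href="?<?php echo $logged_in ? 'logout' : 'login'; ?>"><?php echo $logged_in ? 'Logout' : 'Login'; ?></a></div>
				<div id="links">
					<a href="?home">Home</a>
					<a href="?post">Post</a>
					<a href="?moderation"><del>Moderation</del></a>
					<a href="?extensions"><del>Extensions</del></a>
					<a href="?api"><del>API</del></a>
					<a href="?administration"><del>Administration</del></a>
				</div>
			</div>
			<div id="body">
				<?php
				echo '<h1>'.page_attributes("text").'</h1>'."\n";
				echo '<p>'.page_attributes("navigation").'</p>'."\n";
				echo '<p>'.page_attributes("explain").'</p>'."\n";
				if (!$logged_in) {
					// The gate at the top of the file lets every request that
					// carries the login parameter through without a valid
					// cookie, so authentication is enforced again here: an
					// anonymous visitor gets the login section and nothing else,
					// whatever other section names are in the query string.
					echo '<h1>Login</h1>';
					echo $message;
				} elseif (isset($_GET['home'])) {
					echo '<h1>'.alert("").'</h1>'."\n";
					echo '<p>';
					// echo alert("comments").'<br />'."\n";
					// echo alert("spam").'<br />'."\n";
					echo alert("post_alert")."\n";
					echo '</p>';
				} elseif (isset($_GET['post'])) {
					// Post ids are accepted only as plain decimal digits and are
					// cast to int before they are placed in a query. Anything
					// else is treated as "no id given".
					$has_id = isset($_GET['id']) && is_string($_GET['id']) && ctype_digit($_GET['id']);
					$id = $has_id ? (int) $_GET['id'] : 0;

					// Submitted text fields, escaped for use inside a quoted SQL
					// string literal. The legacy mysql_* API used by this file has
					// no bound parameters, so escaping is the only option short of
					// moving to another driver.
					// NOTE(review): mysql_real_escape_string() needs an open
					// connection; presumably configure() opens it -- confirm.
					$fields = array('title' => '', 'blog' => '');
					if (isset($_POST['submit'])) {
						foreach (array_keys($fields) as $name) {
							if (isset($_POST[$name]) && is_string($_POST[$name])) {
								// Undo magic_quotes_gpc first so the value is not
								// escaped twice on servers that still enable it.
								$raw = get_magic_quotes_gpc() ? stripslashes($_POST[$name]) : $_POST[$name];
								$fields[$name] = mysql_real_escape_string($raw);
							}
						}
					}

					if (isset($_GET['new'])) {
						if (isset($_POST['submit'])) {
							mysql_query("INSERT INTO `posts` (`id`, `title`, `timestamp`, `text`) VALUES (NULL, '".$fields['title']."', UNIX_TIMESTAMP(), '".$fields['blog']."');");
						} else {
							?>
							<form action="?post&new" method="POST">
								<input type="text" id="title" name="title"><br />
								<span class="desc">Title</span><br /><br />
								<textarea id="blog" name="blog"></textarea><br />
								<span class="desc">Message</span><br /><br />
								<input type="submit" id="submit" name="submit" value="Post">
							</form>
							<?php
						}
					} elseif (isset($_GET['edit'])) {
						if (!$has_id) {
							?>
							<table border="0" cellspacing="5" cellpadding="2">
								<tr><th>Title</th><th>Date</th></tr>
								<?php get_posts("5"); ?>
							</table>
							<?php
						} else {
							if (isset($_POST['submit'])) {
								mysql_query("UPDATE `posts` SET `title` = '".$fields['title']."', `text` =  '".$fields['blog']."' WHERE `id` = ".$id." LIMIT 1 ;");
							} else {
								// mysql_query() returns false on failure and
								// mysql_fetch_array() returns false when no row
								// matches; both cases are reported instead of
								// rendering a form full of empty values.
								$result = mysql_query("SELECT * FROM `posts` WHERE `id` = ".$id);
								$post = $result ? mysql_fetch_array($result) : false;
								if (!$post) {
									echo '<p>Post not found.</p>';
								} else {
									// Stored values are HTML-escaped on output so a
									// quote or a closing textarea tag in a post can
									// neither break the form nor inject markup.
									?>
									<form action="?post&edit&id=<?php echo (int) $post['id']; ?>&submit" method="POST">
										<input type="text" id="title" name="title" value="<?php echo htmlspecialchars($post['title'], ENT_QUOTES); ?>"><br />
										<span class="desc">Title</span><br /><br />
										<input type="text" id="date" name="date" value="<?php echo date("F j, Y", $post['timestamp']); ?>" DISABLED><br />
										<span class="desc">Date <em>(Today: <?php echo date("F j, Y"); ?>)</em></span><br /><br />
										<textarea id="blog" name="blog"><?php echo htmlspecialchars($post['text'], ENT_QUOTES); ?></textarea><br /><br />
										<input type="submit" id="submit" name="submit" value="Edit">
									</form>
									<?php
								}
							}
						}
					} elseif (isset($_GET['delete'])) {
						if ($has_id) {
							// NOTE(review): deletion is triggered by a GET request
							// with no confirmation step or token; it should become
							// a POST carrying an anti-CSRF token.
							mysql_query("DELETE FROM `posts` WHERE `id` = ".$id." LIMIT 1");
						} else {
							?>
							<table border="0" cellspacing="5" cellpadding="2">
								<tr><th>Title</th><th>Date</th></tr>
								<?php get_posts("5"); ?>
							</table>
							<?php
						}
					}
				} elseif (isset($_GET['moderation'])) {
					echo '<h1>Moderation</h1>';
					echo 'This is scheduled for a later release.';
				} elseif (isset($_GET['extensions'])) {
					echo '<h1>Extensions</h1>';
					echo 'This is scheduled for a later release.';
				} elseif (isset($_GET['api'])) {
					echo '<h1>Application Programming Interface (API)</h1>';
					echo 'This is scheduled for a later release.';
				} elseif (isset($_GET['administration'])) {
					echo '<h1>Administration</h1>';
					echo 'This is scheduled for a later release.';
				} elseif (isset($_GET['login'])) {
					// An already authenticated user who opens ?login directly.
					echo '<h1>Login</h1>';
					echo $message;
				}
				?>
			</div>
		</div>
	</body>
</html>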